At the beginning of this year we noticed that the Deepin Desktop as it is currently packaged in openSUSE relies on a packaging policy violation to bypass SUSE security team review restrictions. With a long history of code reviews for Deepin components dating back to 2017, this marks a turning point for us that leads to the removal of the Deepin Desktop from openSUSE for the time being.
  • Leaflet@lemmy.world
    1·
    11 hours ago

    Security is hard and not the fun part of programming (for most people anyway).

    KDE and Gnome have problems too.

    Rationale for Accepting kio-admin into openSUSE

    We have dealt with these types of APIs in KDE since 2017 without achieving any notable improvements. As we are responsible for product security we tried to protect our users from potentially harmful components. At this point, though, we don’t believe that this situation will change anytime soon. Meanwhile users still want to use features like the one found in Dolphin, and don’t understand why openSUSE does not include them.

    https://security.opensuse.org/2025/02/21/kio-admin-admittance.html

    • sugar_in_your_tea@sh.itjust.works
      1·
      10 hours ago

      Oh certainly. What I was pointing out is the repeated failure and lack of acknowledgement of security issues. KDE and GNOME take it seriously, it seems Deepin does not.